package com.wwj.web.realm;

import com.wwj.web.domain.ShiroPermission;
import com.wwj.web.domain.ShiroUser;
import com.wwj.web.service.PermissionService;
import com.wwj.web.service.RolesService;
import com.wwj.web.service.UserService;
import com.wwj.web.utils.ActiviUser;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.util.ByteSource;
import org.apache.shiro.util.SimpleByteSource;
import org.springframework.beans.factory.annotation.Autowired;

import java.util.ArrayList;
import java.util.List;

public class MyRealm extends AuthorizingRealm {
    @Autowired
    UserService userService;
    @Autowired
    RolesService rolesService;
    @Autowired
    PermissionService permissionService;

    /**
     * 认证
     *
     * @param token
     * @return
     * @throws AuthenticationException
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
        String principal = (String) token.getPrincipal();
        //封装用户信息的类
        ActiviUser activiUser = new ActiviUser();
        //查询用户的基本信息（用户名、密码、性别、地址等）
        ShiroUser shiroUser = userService.getShiroUserByUserName(principal);
        //查询用户的角色
        List<String> rolesByUserId = rolesService.getRolesByUserId(shiroUser.getUserid());
        //查询用户的权限
        List<ShiroPermission> permission = permissionService.getPermissionByUserId(shiroUser.getUserid());
        activiUser.setShiroUser(shiroUser);
        activiUser.setShiroRoles(rolesByUserId);
        activiUser.setShiroPermissions(permission);
        System.out.println("doGetAuthenticationInfo------------_____------->" + activiUser);
        //加密凭证中盐Salt：使用用户名和用户ID作为盐
        ByteSource credentialsSalt = new SimpleByteSource(shiroUser.getUsername() + shiroUser.getUserid());
        //第一个参数用户传给授权部分。也可以使用subject.getPrincipal()获取到
        AuthenticationInfo info = new SimpleAuthenticationInfo(activiUser, shiroUser.getUserpwd(), credentialsSalt, this.getName());
        return info;
    }

    /***
     * 授权
     * @param principals
     * @return
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
        //获取认证后传过来的值
        ActiviUser primaryPrincipal = (ActiviUser) principals.getPrimaryPrincipal();
        System.out.println("doGetAuthorizationInfo------------_____------->" + primaryPrincipal);
        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
        //给用户添加角色
        info.addRoles(primaryPrincipal.getShiroRoles());
        //把权限对象的权限值提取出来
        List<String> permissions = new ArrayList<String>();
        for (ShiroPermission p : primaryPrincipal.getShiroPermissions()) {
            permissions.add(p.getPercode());
        }
        //给用户添加权限
        info.addStringPermissions(permissions);
        return info;
    }
}
